Esempio n. 1
0
 def update_actions(self, old_alarm=None):
     trustor_user_id = pecan.request.headers.get("X-User-Id")
     trustor_project_id = pecan.request.headers.get("X-Project-Id")
     roles = pecan.request.headers.get("X-Roles", "")
     if roles:
         roles = roles.split(",")
     else:
         roles = []
     auth_plugin = pecan.request.environ.get("keystone.token_auth")
     for actions in (self.ok_actions, self.alarm_actions, self.insufficient_data_actions):
         if actions is not None:
             for index, action in enumerate(actions[:]):
                 url = netutils.urlsplit(action)
                 if self._is_trust_url(url):
                     if "@" not in url.netloc:
                         # We have a trust action without a trust ID,
                         # create it
                         trust_id = keystone_client.create_trust_id(
                             pecan.request.cfg, trustor_user_id, trustor_project_id, roles, auth_plugin
                         )
                         netloc = "%s:delete@%s" % (trust_id, url.netloc)
                         url = list(url)
                         url[1] = netloc
                         actions[index] = urlparse.urlunsplit(url)
     if old_alarm:
         new_actions = list(
             itertools.chain(self.ok_actions or [], self.alarm_actions or [], self.insufficient_data_actions or [])
         )
         for action in itertools.chain(
             old_alarm.ok_actions or [], old_alarm.alarm_actions or [], old_alarm.insufficient_data_actions or []
         ):
             if action not in new_actions:
                 self.delete_trust(action)
Esempio n. 2
0
 def update_actions(self, old_alarm=None):
     trustor_user_id = pecan.request.headers.get('X-User-Id')
     trustor_project_id = pecan.request.headers.get('X-Project-Id')
     roles = pecan.request.headers.get('X-Roles', '')
     if roles:
         roles = roles.split(',')
     else:
         roles = []
     auth_plugin = pecan.request.environ.get('keystone.token_auth')
     for actions in (self.ok_actions, self.alarm_actions,
                     self.insufficient_data_actions):
         if actions is not None:
             for index, action in enumerate(actions[:]):
                 url = netutils.urlsplit(action)
                 if self._is_trust_url(url):
                     if '@' not in url.netloc:
                         # We have a trust action without a trust ID,
                         # create it
                         trust_id = keystone_client.create_trust_id(
                             pecan.request.cfg, trustor_user_id,
                             trustor_project_id, roles, auth_plugin)
                         netloc = '%s:delete@%s' % (trust_id, url.netloc)
                         url = list(url)
                         url[1] = netloc
                         actions[index] = urlparse.urlunsplit(url)
     if old_alarm:
         new_actions = list(
             itertools.chain(self.ok_actions or [], self.alarm_actions
                             or [], self.insufficient_data_actions or []))
         for action in itertools.chain(
                 old_alarm.ok_actions or [], old_alarm.alarm_actions or [],
                 old_alarm.insufficient_data_actions or []):
             if action not in new_actions:
                 self.delete_trust(action)
Esempio n. 3
0
    def update_actions(self, old_alarm=None):
        trustor_user_id = pecan.request.headers.get('X-User-Id')
        trustor_project_id = pecan.request.headers.get('X-Project-Id')
        roles = pecan.request.headers.get('X-Roles', '')
        if roles:
            roles = roles.split(',')
        else:
            roles = []
        auth_plugin = pecan.request.environ.get('keystone.token_auth')

        if old_alarm:
            prev_trust_ids = set(old_alarm._get_existing_trust_ids())
        else:
            prev_trust_ids = set()
        trust_id = prev_trust_ids.pop() if prev_trust_ids else None
        trust_id_used = False

        for actions in (self.ok_actions, self.alarm_actions,
                        self.insufficient_data_actions):
            if actions is not None:
                for index, action in enumerate(actions[:]):
                    url = netutils.urlsplit(action)
                    if self._is_trust_url(url):
                        if '@' in url.netloc:
                            errmsg = _("trust URL cannot contain a trust ID.")
                            raise base.ClientSideError(errmsg)
                        if trust_id is None:
                            # We have a trust action without a trust ID,
                            # create it
                            trust_id = keystone_client.create_trust_id(
                                pecan.request.cfg, trustor_user_id,
                                trustor_project_id, roles, auth_plugin)
                        if trust_id_used:
                            pw = ''
                        else:
                            pw = ':delete'
                            trust_id_used = True
                        netloc = '%s%s@%s' % (trust_id, pw, url.netloc)
                        url = urlparse.SplitResult(url.scheme, netloc,
                                                   url.path, url.query,
                                                   url.fragment)
                        actions[index] = url.geturl()
        if trust_id is not None and not trust_id_used:
            prev_trust_ids.add(trust_id)
        for old_trust_id in prev_trust_ids:
            keystone_client.delete_trust_id(pecan.request.cfg, old_trust_id,
                                            auth_plugin)